Massachusetts Jobs

MassHire JobQuest Logo

Job Information, Inc GRC Security Compliance (Senior Manager, Or Director) in Burlington, Massachusetts

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category

Products and Technology

Job Details

GRC Security Compliance Senior Manager, Or Director (Level dependent based on experience)


Salesforce Security, Governance, Risk, and Compliance (GRC) Team is responsible for enterprise wide GRC ensuring Salesforce leadership has the information needed to make strategic risk-based decisions enabling the achievement of Salesforce business objectives globally. Our team builds and deploys common governance, risk, and compliance processes, controls, conducts audits, and ensures that technologies and business operations structured and configured for data protection and compliance.

Required Locations: San Francisco, CA or Bellevue, WA, or Herndon, VA, or Burlington, MA or Indianapolis, IN

Once back to the office is announced person is required to work from one of the above locations, no other locations are approved.

GRC Design and Case Management - is to be the single source of truth for all security issues and exceptions within Salesforce, while driving accountability for resolution and reporting on the health of Security Controls, Risk, Issues, and Exceptions. We are the driver and enabler of GRC process integration. Creating a knowledge library and running data analytics to drive source risk security decisions. Educate and drive adoption of the program by all stakeholders.

GRC Integrated Design and Enterprise Governance and Risk Management - responsible for the end-to-end design of integrated GRC processes at scale. This includes the design of Governance, Risk, Compliance (External Audits), Issue Management, Common Controls Framework, and the eGRC tool, responsible for driving and executing Security Governance, the Tier 1 Security Risk Assessment process

GRC Orchestration Teams - teams include leading external audits, driving issue resolution, conducting Tier 2 risk assessments to operationalize the GRC processes designed by the GRC Integrated Process and Design teams and provide feedback to the design team to continue to improve processes.

Controls Assurance - team will bring together the internal controls testing team, vendor audit program, and continuous security controls monitoring team into one unified controls assurance team.

Public Sector & GRC Technology Advisory - strategic growth of our U.S. & international Public Sector business and innovating around the high baseline of controls, working cross-functionally to build compliance controls consistent delivery of public sector compliance deliverables.


  • Significant knowledge and experience in all facets of GRC security compliance

  • 8+ years of related GRC experience

  • Knowledge of, or experience working with, Cloud technologies/environments, prefer AWS.

  • Strong knowledge of security risk management frameworks including related regulatory compliance requirements (NIST CSF & 800-53, ISO27001, SOC, HITRUST, HIPAA, FedRamp, PCI, GDPR, etc.)

  • Creates and maintains security risk management standards, frameworks, processes, procedures, and other program documentation

  • Engaging and managing multiple large scale enterprise projects

  • Leading and managing large budgets

  • Leading and influencing programs to successful completions

  • 10% travel could be needed depending on role.

  • Able to work in one of the following locations; San Francisco, CA/Bellevue, WA/Herndon, VA/Burlington, MA/Indianapolis, IN. About 3 days a week.

Requirements depending on department:

  • Understanding of qualitative and quantitative risk modeling

  • Experience with data and analytics

  • Experience creating and utilizing KPAs and KRIs

  • Engaging and managing consulting partners for large scale projects

  • Knowledge of enterprise security relevant legal/regulatory requirements and industry trends

  • Experience with strategy development and organizational leadership

  • Proven ability to engage with and align senior executives

  • Ability to motivate people, instill accountability, and achieve results

  • Experience with dashboards and data visualization tools

  • Agile, proactive, comfortable working with ambiguous specifications and can prioritize on the fly

  • Thrives in a fast-paced, collaborative environment, using research and analysis to support recommendations and opinions

  • Excellent interpersonal and relationship skills

  • Excellent presentation and communication skills

  • Detail oriented with an eye for quality


  • Relevant BA/BS degree and/or certifications (CRISC, CISSP, CCIE, CISM, CISA, CCSK)

  • Building and executing on security frameworks such as FedRAMP, ISO 27001, SOC1/2, PCI, NIST, etc.

  • You have relevant knowledge of network engineering, systems engineering and related device engineering if appropriate as appropriate for your focus area.

  • Experience with dashboards and data visualization tools

  • Knowledge of enterprise security relevant legal/regulatory requirements and industry trends

  • Experience with GRC tools (Metricstream, Archer, etc.)

Salesforce, the Customer Success Platform and world's #1 CRM, empowers companies to connect with their customers in a whole new way. The company was founded on three disruptive ideas: a new technology model in cloud computing, a pay-as-you-go business model, and a new integrated corporate philanthropy model. These founding principles have taken our company to great heights, including being named one of Forbes’s “World’s Most Innovative Company” five years in a row and one of Fortune’s “100 Best Companies to Work For” eight years in a row. Inclusive Benefits & Perks around parental leave and childcare subsidies. We are the fastest growing of the top 10 enterprise software companies, and this level of growth equals incredible opportunities to grow a career at Salesforce. Together, with our whole Ohana (Hawaiian for "family") made up of our employees, customers, partners, and communities, we are working to improve the state of the world!

Accommodations - If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form. at

Posting Statement

At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at Salesforce and explore our benefits. at and at are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. at and at do not accept unsolicited headhunter and agency resumes. at and at will not pay any third-party agency or company that does not have a signed agreement with at or

Salesforce welcomes all.

Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.

Founded in 1999, Salesforce is the global leader in Customer Relationship Management (CRM). Companies of every size and industry are using Salesforce to transform their businesses, across sales, service, marketing, commerce, and more by connecting with customers in a whole new way. We harness technologies that can revolutionize companies, careers, and, hopefully, our world.

Salesforce is built on a set of four core values: Trust, Customer Success, Innovation, and Equality. By making technology more accessible, we're helping create a future with greater opportunity and equality for all. This has taken our company to great heights, including being ranked by Fortune as one of the “Most Admired Companies in the World” and one of the “100 Best Companies to Work For” eleven years in a row, and named “Innovator of the Decade” and one of the “World’s Most Innovative Companies” eight years in a row by Forbes.

There are those who choose to work with the best and brightest. And then, there are those who want to do more than just a job. They are the ones improving lives, not only their careers. Having an impact now instead of later. Doing something that’s so much bigger than themselves, an industry, and their company.

We believe everyone can be a Trailblazer. Join Salesforce and discover a future of new opportunities.